Research And Design Of Malicious Code Detection Technology Based On Deep Neural Network

In recent years,the proliferation of malicious code is increasing,the disguise and confusion of malicious code is becoming more and more difficult to deal with.The traditional malicious code detection technology based on byte comparison seems to be unable to cope with today's changing malicious code technology.However,the traditional machine learning malicious code detection technology highly depends on feature selection,and the quality of feature classifier will directly affect the results.In order to solve the harm of malicious code to the Internet environment,how to accurately distinguish and classify malicious code has become the focus of research in the field of Cyberspace Security.In order to solve the problem that the traditional machine learning method relies too much on the feature selection when detecting malicious code,this paper proposes a malicious code detection method based on deep neural network.By using the excellent results of deep neural network in image processing,the problem of code detection is transformed into the problem of image processing,which reduces the requirement of code feature selection.Firstly,the binary code file is transformed into the corresponding gray-scale image to get the code image data.In this paper,an image enhancement scheme based on information entropy and code assembly is proposed.Combined with the definition of information entropy and file structure,the code file is transformed into RGB color image,and the local information entropy of malicious code is calculated at the same time,and the information entropy is taken as transparency to form An RGBA image.Then,the convolution layer and pooling layer of the deep neural network are used to extract the high-dimensional features of the code image,so as to classify and detect the code.Finally,this paper has carried on the experiment to the proposed malicious code detection scheme,the data set used is BIG2015 data set,through the experiment contrast,the proposed code detection scheme has the obvious malicious code discrimination ability,the detection model accuracy rate is 98.83%,the classification model accuracy rate is97.74%(including positive samples),98.85%(excluding positive samples),The results show that the scheme is suitable for the current complex and changeable malicious code environment,and also provide a new way to deal with malicious code problem.